P
US12483399B2ActiveUtilityPatentIndex 66

Access control interfaces for blockchains

Assignee: CUBE SECURITY INCPriority: Jul 20, 2022Filed: Dec 15, 2023Granted: Nov 25, 2025
Est. expiryJul 20, 2042(~16 yrs left)· nominal 20-yr term from priority
Inventors:MAROSI-BAUER ATTILAVON GRAVROCK EINARASTIERNAN SEANLEKEVICIUS JONAS
H04L 9/0894H04L 9/50G06F 21/629G06F 2221/2141G06F 21/64H04L 9/3247H04L 9/088
66
PatentIndex Score
2
Cited by
24
References
20
Claims

Abstract

An access control server may store a private cryptographic key. The private cryptographic key corresponds to a public cryptographic key. The public cryptographic key is stored on a blockchain as part of an autonomous program protocol. The access control server may receive access control setting related to the autonomous program protocol. The access control server may receive a request for accessing the autonomous program protocol stored on the blockchain. The access control server may review the request. The access control server may determine the request is in compliance with the policies specified in the setting. The access control server may create, using the private cryptographic key, a digital signature for the request and generate a response including the digital signature. A successful verification of the digital signature using the public cryptographic key stored in the autonomous program protocol is required by the autonomous program protocol to process the request.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A computer-implemented method, comprising:
 storing one or more access control policies related to a smart contract that is recorded on a blockchain;   receiving a request payload of a request to access the smart contract, the request from a requester who initiated the request payload for execution of the request payload using the smart contract;   applying a machine learning model to the request payload to determine whether the request payload in compliance with the one or more access control policies;   creating an authorization for the request, the authorization indicating that the request is in compliance with the one or more access control policies, the authorization comprising a cryptographic digital signature that includes a hash of a version of the request payload; and   transmitting the authorization to the requester, wherein the smart contract is configured to, in response to receiving the authorization, verify the authorization before executing the request payload, wherein verifying the authorization comprises determining whether the hash of the version of the request payload in the cryptographic digital signature matches a hash of a version of an incoming transaction request that includes the request payload.   
     
     
         2 . The computer-implemented method of  claim 1 , wherein the smart contract contains code that is generated by an access control server. 
     
     
         3 . The computer-implemented method of  claim 1 , wherein the request comprises a function call to the smart contract. 
     
     
         4 . The computer-implemented method of  claim 1 , wherein the access control policies comprise settings with respect to a plurality of function calls. 
     
     
         5 . The computer-implemented method of  claim 4 , wherein an access control policy with respect to one of the function calls is unrestricted and the authorization for the request with respect to the one of the function calls is generated unconditionally. 
     
     
         6 . The computer-implemented method of  claim 1 , wherein the cryptographic digital signature comprising an encrypted version of the transaction request that is encrypted by a cryptographic private key, and verifying the authorization comprises using a cryptographic public key to decrypt the encrypted version. 
     
     
         7 . The computer-implemented method of  claim 1 , wherein the cryptographic digital signature comprises context data of the request. 
     
     
         8 . A system, comprising:
 one or more processors; and   memory coupled to the one or more processors, the memory configured to store code comprising instructions, wherein the instructions, when executed by the one or more processors, cause the one or more processors to:
 store one or more access control policies related to a smart contract that is recorded on a blockchain; 
 receive a request payload of a request to access the smart contract, the request from a requester who initiated the request payload for execution of the request payload using the smart contract; 
 apply a machine learning model to the request payload to determine whether the request payload in compliance with the one or more access control policies; 
 create an authorization for the request, the authorization indicating that the request is in compliance with the one or more access control policies, the authorization comprising a cryptographic digital signature that includes a hash of a version of the request payload; and 
 transmit the authorization to the requester, wherein the smart contract is configured to, in response to receiving the authorization, verify the authorization before executing the request payload, wherein verifying the authorization comprises determining whether the hash of the version of the request payload in the cryptographic digital signature matches a hash of a version of an incoming transaction request that includes the request payload. 
   
     
     
         9 . The system of  claim 8 , wherein the smart contract contains code that is generated by an access control server. 
     
     
         10 . The system of  claim 8 , wherein the request comprises a function call to the smart contract. 
     
     
         11 . The system of  claim 8 , wherein the access control policies comprise settings with respect to a plurality of function calls. 
     
     
         12 . The system of  claim 11 , wherein an access control policy with respect to one of the function calls is unrestricted and the authorization for the request with respect to the one of the function calls is generated unconditionally. 
     
     
         13 . The system of  claim 8 , wherein the cryptographic digital signature comprising an encrypted version of the transaction request that is encrypted by a cryptographic private key, and verifying the authorization comprises using a cryptographic public key to decrypt the encrypted version. 
     
     
         14 . The system of  claim 8 , wherein the cryptographic digital signature comprises context data of the request. 
     
     
         15 . A system, comprising:
 a smart contract recorded on a blockchain;   an access control server operating independent of the blockchain, the access control server comprising one or more processors and memory coupled to the one or more processors, the memory configured to store code comprising instructions, wherein the instructions, when executed by the one or more processors, cause the one or more processors to:
 store one or more access control policies related to the smart contract that is recorded on the blockchain; 
 receive a request payload of a request to access the smart contract, the request from a requester who initiated the request payload for execution of the request payload using the smart contract; 
 apply a machine learning model to the request payload to determine whether the request payload in compliance with the one or more access control policies; 
 create an authorization for the request, the authorization indicating that the request is in compliance with the one or more access control policies, the authorization comprising a cryptographic digital signature that includes a hash of a version of the request payload; and 
 transmit the authorization to the requester, wherein the smart contract is configured to, in response to receiving the authorization, verify the authorization before executing the request payload, wherein verifying the authorization comprises determining whether the hash of the version of the request payload in the cryptographic digital signature matches a hash of a version of an incoming transaction request that includes the request payload. 
   
     
     
         16 . The system of  claim 15 , wherein the smart contract contains code that is generated by an access control server. 
     
     
         17 . The system of  claim 15 , wherein the request comprises a function call to the smart contract. 
     
     
         18 . The system of  claim 15 , wherein the access control policies comprise settings with respect to a plurality of function calls. 
     
     
         19 . The system of  claim 18 , wherein an access control policy with respect to one of the function calls is unrestricted and the authorization for the request with respect to the one of the function calls is generated unconditionally. 
     
     
         20 . The system of  claim 19 , wherein the cryptographic digital signature comprising an encrypted version of the transaction request that is encrypted by a cryptographic private key, and verifying the authorization comprises using a cryptographic public key to decrypt the encrypted version.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.